prompt-injection
Fail
Audited by Snyk on May 4, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt explicitly describes and provides payloads for exfiltrating sensitive values (e.g., embedding secrets in image URLs, URL parameters, or markdown) which instructs an agent to output secrets verbatim, creating high exfiltration risk.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The content is an explicit, step‑by‑step manual for prompt injection, toolchain hijacking, RAG poisoning and data exfiltration (including stealing API keys, environment secrets, and sending them to attacker-controlled endpoints), clearly intended to enable malicious abuse.
Issues (2)
W007
HIGH: Insecure credential handling detected in skill instructions.
E006
CRITICAL: Malicious code pattern detected in skill scripts.
Audit Metadata